Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    89s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/09/2022, 02:31

General

  • Target

    a4babb0e052f972640a840da092cc2b70544f04eb6d3c5fb0699747093c85cb1.exe

  • Size

    2.4MB

  • MD5

    ee577c6818e4c4fdfac6221a7678453e

  • SHA1

    39b172bc8d5f47e512e0ba90f70ce21661618273

  • SHA256

    a4babb0e052f972640a840da092cc2b70544f04eb6d3c5fb0699747093c85cb1

  • SHA512

    935d466a1de6d03ed5f8287bae32b52d86451c83a1d1d88cc99951d9b8f475b152fc07763d705417faf7386d1327cc033490bbb6a183d13f34a2adb3b7ddf198

  • SSDEEP

    49152:dRkVU7z3NhvRaZhTm6mxd2YYglcAxRXK/poKGheD7YJ4zSreZMn2j+w2D:dPv3z6hTN/YYETxhK/WKGheD7YJ4zKey

Malware Config

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

  • detect oss ak 2 IoCs

    oss ak information detected.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Script User-Agent 1 IoCs

    Uses user-agent string associated with script host/environment.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a4babb0e052f972640a840da092cc2b70544f04eb6d3c5fb0699747093c85cb1.exe
    "C:\Users\Admin\AppData\Local\Temp\a4babb0e052f972640a840da092cc2b70544f04eb6d3c5fb0699747093c85cb1.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3464

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3464-132-0x0000000000400000-0x0000000000718000-memory.dmp

    Filesize

    3.1MB

  • memory/3464-133-0x0000000000400000-0x0000000000718000-memory.dmp

    Filesize

    3.1MB